Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93081 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Proxy virus/hijack, New tab pop-ups and adware! [Closed]


  • This topic is locked This topic is locked
5 replies to this topic

#1 tcmiller

tcmiller

    New Member

  • New Member
  • Pip
  • 3 posts

Posted 20 May 2014 - 11:27 AM

I am running windows 8.1 and using Chrome browser, Chrome shows a proxy server as 127.0.0.1:8118 places ads on pages that I know ads are not there, doesn't allow me access to some of my vendors sites and opens new tabs with directing to driver downloads or updates. Every time I change the proxy server settings it reappears. I have AVG free version and it hasn't reported any problems since this started about 5 days ago. I have updated virus database (twice).

olt.txt:
OTL logfile created on: 5/20/2014 11:05:22 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Users\TC\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.94 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 64.53% Memory free
7.94 Gb Paging File | 6.35 Gb Available in Paging File | 79.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 211.35 Gb Free Space | 90.75% Space Free | Partition Type: NTFS
Drive D: | 3.00 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 111.79 Gb Total Space | 53.56 Gb Free Space | 47.91% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 283.21 Gb Free Space | 60.81% Space Free | Partition Type: NTFS

Computer Name: TC-PC | User Name: TC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - E:\Program Files (x86)\MSR\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
PRC - E:\Users\TC\Desktop\OTL.exe (OldTimer Tools)
PRC - E:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe ()
PRC - E:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.)
PRC - E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - E:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe ()
PRC - E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)


========== Modules (No Company Name) ==========

MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppgooglenaclpluginchrome.dll ()
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll ()
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll ()
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll ()
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll ()
MOD - E:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (AppXSvc) -- E:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- E:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- E:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (w3logsvc) -- E:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- E:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (ClickToRunSvc) -- E:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- E:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- E:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- E:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- E:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- E:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- E:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- E:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- E:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- E:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- E:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- E:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- E:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- E:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- E:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- E:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (PrintNotify) -- E:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- E:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- E:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- E:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- E:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- E:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- E:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- E:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- E:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- E:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- E:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- E:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- E:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- E:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- E:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- E:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV - (AVGIDSAgent) -- E:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- E:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (SystemUpdatekb70007) -- E:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe ()
SRV - (MozillaMaintenance) -- E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (WAS) -- E:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- E:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (w3logsvc) -- E:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- E:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (lfsvc) -- E:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (Stereo Service) -- E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (NvNetworkService) -- E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (PrintNotify) -- E:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- E:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- E:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (SwitchBoard) -- E:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (EPSON_EB_RPCV4_01) -- E:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_01) -- E:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (SEIKO EPSON CORPORATION)


========== Driver Services (SafeList) ==========

DRV:64bit: - (Avgldx64) -- E:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- E:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSHA) -- E:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgdiska) -- E:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- E:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- E:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- E:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgtp) -- E:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (USBHUB3) -- E:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (CLFS) -- E:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- E:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- E:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (MQAC) -- E:\Windows\SysNative\drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (Avgwfpa) -- E:\Windows\SysNative\drivers\avgwfpa.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (WdFilter) -- E:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- E:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- E:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- E:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- E:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- E:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- E:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- E:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- E:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- E:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- E:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- E:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- E:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- E:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (stornvme) -- E:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- E:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- E:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- E:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- E:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- E:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- E:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- E:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- E:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- E:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- E:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- E:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Avgboota) -- E:\Windows\SysNative\drivers\avgboota.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (condrv) -- E:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- E:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- E:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- E:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- E:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- E:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- E:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- E:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- E:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- E:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- E:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- E:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- E:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- E:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- E:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- E:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- E:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- E:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- E:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- E:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- E:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- E:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- E:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- E:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- E:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- E:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- E:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- E:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- E:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- E:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- E:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- E:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- E:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- E:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- E:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- E:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- E:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- E:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- E:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- E:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- E:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- E:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- E:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- E:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- E:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- E:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- E:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- E:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- E:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- E:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- E:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- E:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- E:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- E:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- E:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- E:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (FETNDIS) -- E:\Windows\SysNative\drivers\fetn63a.sys (VIA Technologies, Inc. )
DRV:64bit: - (e1express) -- E:\Windows\SysNative\drivers\e1e6032e.sys (Intel Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...M=IE8SRC<br />
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE
- HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE
- HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 41 33 95 EE 1E CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...IE11SR<br /> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..network.proxy.type: 1user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118);
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: E:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: E:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014/02/18 12:36:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Components: E:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Plugins: E:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\sp2@sp.com: E:\Program Files (x86)\Social Privacy\FF\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Components: E:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Plugins: E:\Program Files (x86)\Mozilla Thunderbird\plugins

[2014/01/31 21:15:41 | 000,000,000 | ---D | M] (No name found) -- E:\Users\TC\AppData\Roaming\mozilla\Extensions
[2014/05/19 13:08:36 | 000,000,000 | ---D | M] (No name found) -- E:\Users\TC\AppData\Roaming\mozilla\firefox\Profiles\cbp1j90p.default\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = E:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_1\
CHR - Extension: Google Drive = E:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = E:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = E:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Google Wallet = E:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = E:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014/05/15 14:03:59 | 000,000,741 | ---- | M]) - E:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [NvBackend] E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] E:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] E:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_UI] E:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SwitchBoard] E:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [EPSON Color] E:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFEA.EXE /FU "E:\Users\TC\AppData\Local\Temp\E_SA5D9.tmp" /EF "HKCU" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Se&nd to OneNote - E:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Append Link Target to Existing PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Se&nd to OneNote - E:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{76C74BA9-314C-4190-BAF7-424FAE8385CC}: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F07E79E6-ADED-4DB0-87BD-CD4E8676521F}: DhcpNameServer = 192.168.0.1 205.171.3.25
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (E:\Windows\system32\userinit.exe) - E:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - E:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/14 03:29:38 | 000,000,122 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2014/05/12 17:19:22 | 000,000,000 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: lfsvc - E:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - E:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - E:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - E:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - E:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs:64bit: MsKeyboardFilter - E:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - E:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - E:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - E:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/05/20 10:53:01 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- E:\Users\TC\Desktop\HiJackThis (1).exe
[2014/05/20 10:42:56 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\MSR
[2014/05/19 17:20:52 | 000,000,000 | ---D | C] -- E:\Users\TC\Tracing
[2014/05/19 17:06:45 | 000,000,000 | ---D | C] -- E:\WINDOWS\en
[2014/05/19 17:06:41 | 000,000,000 | R--D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2014/05/19 17:06:35 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2014/05/19 17:06:20 | 000,000,000 | ---D | C] -- E:\Program Files\Windows Live
[2014/05/19 17:06:19 | 000,000,000 | ---D | C] -- E:\WINDOWS\PCHEALTH
[2014/05/19 17:06:15 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Windows Live
[2014/05/19 17:06:10 | 002,526,056 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\D3DCompiler_43.dll
[2014/05/19 17:06:10 | 002,106,216 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\D3DCompiler_43.dll
[2014/05/19 17:06:10 | 000,527,192 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\XAudio2_7.dll
[2014/05/19 17:06:10 | 000,518,488 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\XAudio2_7.dll
[2014/05/19 17:06:10 | 000,077,656 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\XAPOFX1_5.dll
[2014/05/19 17:06:10 | 000,074,072 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\XAPOFX1_5.dll
[2014/05/19 17:05:37 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\Windows Live
[2014/05/19 17:05:26 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Windows Live
[2014/05/19 14:28:46 | 000,982,016 | ---- | C] (Farbar) -- E:\Users\TC\Desktop\MiniToolBox.exe
[2014/05/19 13:50:47 | 005,200,426 | ---- | C] (Swearware) -- E:\Users\TC\Desktop\ComboFix.exe
[2014/05/19 13:49:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- E:\Users\TC\Desktop\OTL.exe
[2014/05/19 13:41:11 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\CrashDumps
[2014/05/19 13:37:15 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\MigWiz
[2014/05/19 13:00:31 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\Mozilla
[2014/05/19 10:13:03 | 000,000,000 | ---D | C] -- E:\WINDOWS\ERUNT
[2014/05/19 10:10:31 | 000,000,000 | ---D | C] -- E:\AdwCleaner
[2014/05/19 10:08:13 | 001,016,261 | ---- | C] (Thisisu) -- E:\Users\TC\Desktop\JRT.exe
[2014/05/19 10:04:19 | 000,000,000 | ---D | C] -- E:\Users\TC\Desktop\rkill
[2014/05/19 10:01:06 | 001,933,048 | ---- | C] (Bleeping Computer, LLC) -- E:\Users\TC\Desktop\rkill.exe
[2014/05/15 14:08:53 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/15 14:08:10 | 000,000,000 | ---D | C] -- E:\ProgramData\Malwarebytes
[2014/05/15 12:28:52 | 000,536,576 | ---- | C] (SQLite Development Team) -- E:\WINDOWS\SysWow64\sqlite3.dll
[2014/05/15 12:17:43 | 000,000,000 | ---D | C] -- E:\Users\TC\Desktop\RK_Quarantine
[2014/05/15 12:16:29 | 000,000,000 | ---D | C] -- E:\ProgramData\HitmanPro
[2014/05/14 21:40:18 | 000,308,224 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wusa.exe
[2014/05/14 21:40:18 | 000,305,152 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wusa.exe
[2014/05/14 21:40:17 | 000,257,880 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/05/14 21:40:17 | 000,123,224 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/05/14 21:40:16 | 000,035,856 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/05/14 21:40:13 | 013,288,960 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\twinui.dll
[2014/05/14 21:40:13 | 000,190,976 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\storewuauth.dll
[2014/05/14 21:40:12 | 011,792,384 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\twinui.dll
[2014/05/14 21:40:12 | 001,705,472 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wucltux.dll
[2014/05/14 21:40:12 | 001,054,208 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\twinui.appcore.dll
[2014/05/14 21:40:12 | 000,921,088 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WSShared.dll
[2014/05/14 21:40:12 | 000,828,928 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\twinui.appcore.dll
[2014/05/14 21:40:12 | 000,827,392 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wuapi.dll
[2014/05/14 21:40:12 | 000,754,688 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\WSShared.dll
[2014/05/14 21:40:12 | 000,666,624 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wuapi.dll
[2014/05/14 21:40:12 | 000,555,736 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\twinapi.appcore.dll
[2014/05/14 21:40:12 | 000,419,928 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\twinapi.appcore.dll
[2014/05/14 21:40:12 | 000,381,440 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/05/14 21:40:12 | 000,249,344 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/14 21:40:12 | 000,201,728 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ubpm.dll
[2014/05/14 21:40:12 | 000,189,952 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/14 21:40:12 | 000,137,728 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wuwebv.dll
[2014/05/14 21:40:12 | 000,123,904 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wuwebv.dll
[2014/05/14 21:40:12 | 000,093,696 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wudriver.dll
[2014/05/14 21:40:12 | 000,080,896 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wudriver.dll
[2014/05/14 21:40:12 | 000,079,872 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WSReset.exe
[2014/05/14 21:40:12 | 000,056,320 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wups.dll
[2014/05/14 21:40:12 | 000,054,776 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wuauclt.exe
[2014/05/14 21:40:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wuapp.exe
[2014/05/14 21:40:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wuapp.exe
[2014/05/14 21:40:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wups.dll
[2014/05/14 21:40:03 | 000,084,992 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mshtmled.dll
[2014/05/14 21:40:01 | 000,069,632 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/14 21:39:41 | 000,086,688 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mrt_map.dll
[2014/05/14 21:39:41 | 000,080,032 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mrt_map.dll
[2014/05/14 21:39:41 | 000,028,320 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mrt100.dll
[2014/05/14 21:39:41 | 000,026,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mrt100.dll
[2014/05/13 14:20:26 | 000,235,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgldx64.sys
[2014/05/13 14:06:06 | 000,323,352 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgloga.sys
[2014/05/13 14:05:40 | 000,191,768 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgidsha.sys
[2014/05/13 14:05:08 | 000,152,344 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgdiska.sys
[2014/05/13 14:05:06 | 000,130,328 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgmfx64.sys
[2014/05/13 14:04:56 | 000,236,312 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgidsdrivera.sys
[2014/05/13 14:04:30 | 000,031,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgrkx64.sys
[2014/05/13 13:48:38 | 000,000,000 | --SD | C] -- E:\Users\TC\Documents\My Data Sources
[2014/05/12 22:54:03 | 000,000,000 | ---D | C] -- E:\Users\TC\.android
[2014/05/12 22:53:03 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\CrashRpt
[2014/05/12 22:50:22 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Roaming\Angry_Birds
[2014/05/12 22:42:54 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\Deployment
[2014/05/12 22:31:49 | 000,000,000 | -HSD | C] -- E:\Users\TC\AppData\Local\EmieUserList
[2014/05/12 22:31:49 | 000,000,000 | -HSD | C] -- E:\Users\TC\AppData\Local\EmieSiteList
[2014/05/12 22:26:47 | 000,000,000 | ---D | C] -- E:\WINDOWS\Microsoft
[2014/05/12 17:18:42 | 000,000,000 | ---D | C] -- E:\Program Files\Enigma Software Group
[2014/05/12 17:18:17 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014/05/05 12:25:00 | 000,000,000 | ---D | C] -- E:\WINDOWS\Panther
[2014/05/05 12:23:48 | 016,875,520 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/05/05 12:23:48 | 012,732,416 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/05/05 12:23:48 | 008,653,824 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/05/05 12:23:48 | 007,425,368 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ntoskrnl.exe
[2014/05/05 12:23:48 | 006,641,152 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mstscax.dll
[2014/05/05 12:23:48 | 005,833,728 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/05/05 12:23:48 | 005,770,752 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mstscax.dll
[2014/05/05 12:23:48 | 004,268,544 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SyncEngine.dll
[2014/05/05 12:23:48 | 002,900,992 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\msftedit.dll
[2014/05/05 12:23:48 | 002,641,920 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\authui.dll
[2014/05/05 12:23:48 | 002,373,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe
[2014/05/05 12:23:48 | 002,317,824 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\authui.dll
[2014/05/05 12:23:48 | 002,270,208 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\msftedit.dll
[2014/05/05 12:23:48 | 002,141,912 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\d3d11.dll
[2014/05/05 12:23:48 | 002,133,504 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dwmcore.dll
[2014/05/05 12:23:48 | 002,088,160 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\explorer.exe
[2014/05/05 12:23:48 | 001,843,712 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Display.dll
[2014/05/05 12:23:48 | 001,816,576 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Display.dll
[2014/05/05 12:23:48 | 001,779,800 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\d3d11.dll
[2014/05/05 12:23:48 | 001,764,864 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\dwmcore.dll
[2014/05/05 12:23:48 | 001,656,832 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\GdiPlus.dll
[2014/05/05 12:23:48 | 001,542,768 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ole32.dll
[2014/05/05 12:23:48 | 001,466,864 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\propsys.dll
[2014/05/05 12:23:48 | 001,411,584 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\lsasrv.dll
[2014/05/05 12:23:48 | 001,351,168 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\GdiPlus.dll
[2014/05/05 12:23:48 | 001,339,240 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\gdi32.dll
[2014/05/05 12:23:48 | 001,306,624 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/05/05 12:23:48 | 001,291,200 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\kernel32.dll
[2014/05/05 12:23:48 | 001,230,336 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Media.dll
[2014/05/05 12:23:48 | 001,129,472 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SearchFolder.dll
[2014/05/05 12:23:48 | 001,112,536 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\KernelBase.dll
[2014/05/05 12:23:48 | 001,057,280 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\rdvidcrl.dll
[2014/05/05 12:23:48 | 001,023,488 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\localspl.dll
[2014/05/05 12:23:48 | 001,015,808 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\aclui.dll
[2014/05/05 12:23:48 | 000,958,464 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/05/05 12:23:48 | 000,950,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ReAgent.dll
[2014/05/05 12:23:48 | 000,924,160 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/05/05 12:23:48 | 000,918,528 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MrmCoreR.dll
[2014/05/05 12:23:48 | 000,888,320 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Media.dll
[2014/05/05 12:23:48 | 000,887,296 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\aclui.dll
[2014/05/05 12:23:48 | 000,872,448 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SkyDrive.exe
[2014/05/05 12:23:48 | 000,855,552 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/05/05 12:23:48 | 000,834,560 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\netlogon.dll
[2014/05/05 12:23:48 | 000,801,792 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/05/05 12:23:48 | 000,800,256 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\ReAgent.dll
[2014/05/05 12:23:48 | 000,731,648 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\adtschema.dll
[2014/05/05 12:23:48 | 000,731,648 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\adtschema.dll
[2014/05/05 12:23:48 | 000,721,408 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/05/05 12:23:48 | 000,717,312 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\nshwfp.dll
[2014/05/05 12:23:48 | 000,669,696 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\rasapi32.dll
[2014/05/05 12:23:48 | 000,667,136 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\gpprefcl.dll
[2014/05/05 12:23:48 | 000,655,360 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dnsapi.dll
[2014/05/05 12:23:48 | 000,629,760 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/05/05 12:23:48 | 000,621,568 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MDMAgent.exe
[2014/05/05 12:23:48 | 000,589,824 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\gpprefcl.dll
[2014/05/05 12:23:48 | 000,567,296 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\nshwfp.dll
[2014/05/05 12:23:48 | 000,563,200 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AdmTmpl.dll
[2014/05/05 12:23:48 | 000,542,208 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2014/05/05 12:23:48 | 000,518,552 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dxgi.dll
[2014/05/05 12:23:48 | 000,512,000 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlidprov.dll
[2014/05/05 12:23:48 | 000,492,256 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mfsvr.dll
[2014/05/05 12:23:48 | 000,488,280 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\netcfgx.dll
[2014/05/05 12:23:48 | 000,467,800 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/05/05 12:23:48 | 000,467,504 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AudioSes.dll
[2014/05/05 12:23:48 | 000,463,264 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AudioEng.dll
[2014/05/05 12:23:48 | 000,462,336 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlangpui.dll
[2014/05/05 12:23:48 | 000,444,928 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AdmTmpl.dll
[2014/05/05 12:23:48 | 000,443,904 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlansec.dll
[2014/05/05 12:23:48 | 000,428,888 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/05/05 12:23:48 | 000,425,984 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\clusapi.dll
[2014/05/05 12:23:48 | 000,412,672 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014/05/05 12:23:48 | 000,402,432 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2014/05/05 12:23:48 | 000,390,488 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\netcfgx.dll
[2014/05/05 12:23:48 | 000,388,408 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mfsvr.dll
[2014/05/05 12:23:48 | 000,386,560 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlangpui.dll
[2014/05/05 12:23:48 | 000,379,224 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/05/05 12:23:48 | 000,376,152 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\clfs.sys
[2014/05/05 12:23:48 | 000,370,176 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlanmsm.dll
[2014/05/05 12:23:48 | 000,364,640 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/05/05 12:23:48 | 000,360,512 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mfreadwrite.dll
[2014/05/05 12:23:48 | 000,356,864 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlidprov.dll
[2014/05/05 12:23:48 | 000,356,848 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dcomp.dll
[2014/05/05 12:23:48 | 000,355,832 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/05/05 12:23:48 | 000,337,752 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014/05/05 12:23:48 | 000,334,848 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MDEServer.exe
[2014/05/05 12:23:48 | 000,325,632 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\LocationApi.dll
[2014/05/05 12:23:48 | 000,313,344 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\clusapi.dll
[2014/05/05 12:23:48 | 000,305,768 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/05/05 12:23:48 | 000,300,544 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlanmsm.dll
[2014/05/05 12:23:48 | 000,299,008 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\pdh.dll
[2014/05/05 12:23:48 | 000,298,496 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WSDMon.dll
[2014/05/05 12:23:48 | 000,296,960 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlanapi.dll
[2014/05/05 12:23:48 | 000,291,840 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2014/05/05 12:23:48 | 000,274,944 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WsmWmiPl.dll
[2014/05/05 12:23:48 | 000,271,872 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\spp.dll
[2014/05/05 12:23:48 | 000,264,192 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014/05/05 12:23:48 | 000,262,656 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\LocationApi.dll
[2014/05/05 12:23:48 | 000,254,976 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\pdh.dll
[2014/05/05 12:23:48 | 000,252,928 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/05/05 12:23:48 | 000,247,296 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SensorsApi.dll
[2014/05/05 12:23:48 | 000,244,888 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\audiodg.exe
[2014/05/05 12:23:48 | 000,230,400 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlanapi.dll
[2014/05/05 12:23:48 | 000,226,304 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2014/05/05 12:23:48 | 000,222,720 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\dcomp.dll
[2014/05/05 12:23:48 | 000,212,992 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\cdd.dll
[2014/05/05 12:23:48 | 000,201,216 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ReInfo.dll
[2014/05/05 12:23:48 | 000,201,216 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/05/05 12:23:48 | 000,197,632 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/05/05 12:23:48 | 000,192,000 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2014/05/05 12:23:48 | 000,186,368 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dafWfdProvider.dll
[2014/05/05 12:23:48 | 000,172,544 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\ReInfo.dll
[2014/05/05 12:23:48 | 000,171,008 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\SensorsApi.dll
[2014/05/05 12:23:48 | 000,160,768 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppxAllUserStore.dll
[2014/05/05 12:23:48 | 000,157,016 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\wof.sys
[2014/05/05 12:23:48 | 000,151,040 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2014/05/05 12:23:48 | 000,139,776 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2014/05/05 12:23:48 | 000,136,024 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014/05/05 12:23:48 | 000,115,200 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\DevPropMgr.dll
[2014/05/05 12:23:48 | 000,113,648 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\userenv.dll
[2014/05/05 12:23:48 | 000,111,616 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\hidclass.sys
[2014/05/05 12:23:48 | 000,110,592 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drvinst.exe
[2014/05/05 12:23:48 | 000,102,912 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\davclnt.dll
[2014/05/05 12:23:48 | 000,098,816 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\drvinst.exe
[2014/05/05 12:23:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\RMapi.dll
[2014/05/05 12:23:48 | 000,083,968 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\sxproxy.dll
[2014/05/05 12:23:48 | 000,079,360 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\w32tm.exe
[2014/05/05 12:23:48 | 000,070,656 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\w32tm.exe
[2014/05/05 12:23:48 | 000,069,120 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\l2gpstore.dll
[2014/05/05 12:23:48 | 000,064,512 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\tsgqec.dll
[2014/05/05 12:23:48 | 000,058,368 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\l2gpstore.dll
[2014/05/05 12:23:48 | 000,057,856 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drvcfg.exe
[2014/05/05 12:23:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\tsgqec.dll
[2014/05/05 12:23:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/05/05 12:23:48 | 000,040,448 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SetNetworkLocation.dll
[2014/05/05 12:23:48 | 000,035,328 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/05/05 12:23:48 | 000,033,792 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\sxproxy.dll
[2014/05/05 12:23:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/05/05 12:23:48 | 000,027,136 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/05/05 12:23:48 | 000,011,264 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlanhlp.dll
[2014/05/05 12:23:48 | 000,011,264 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlanhlp.dll
[2014/05/05 12:18:06 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Reference Assemblies
[2014/05/05 12:18:06 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\MSBuild
[2014/05/05 12:18:05 | 000,000,000 | ---D | C] -- E:\Program Files\Reference Assemblies
[2014/05/05 12:18:05 | 000,000,000 | ---D | C] -- E:\WINDOWS\SysNative\msmq
[2014/05/05 12:18:05 | 000,000,000 | ---D | C] -- E:\Program Files\MSBuild
[2014/05/05 12:18:05 | 000,000,000 | ---D | C] -- E:\inetpub
[2014/05/05 12:18:05 | 000,000,000 | ---D | C] -- E:\WINDOWS\SysWow64\BestPractices
[2014/05/05 12:18:05 | 000,000,000 | ---D | C] -- E:\WINDOWS\SysNative\BestPractices
[2014/05/05 12:18:02 | 000,606,720 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqsnap.dll
[2014/05/05 12:18:02 | 000,192,000 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\iisRtl.dll
[2014/05/05 12:18:02 | 000,173,568 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\mqac.sys
[2014/05/05 12:18:02 | 000,157,696 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\iisRtl.dll
[2014/05/05 12:18:02 | 000,095,744 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa.tlb
[2014/05/05 12:18:02 | 000,090,112 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa30.tlb
[2014/05/05 12:18:02 | 000,062,976 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ahadmin.dll
[2014/05/05 12:18:02 | 000,054,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa20.tlb
[2014/05/05 12:18:02 | 000,054,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\admwprox.dll
[2014/05/05 12:18:02 | 000,051,200 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\admwprox.dll
[2014/05/05 12:18:02 | 000,036,352 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa10.tlb
[2014/05/05 12:18:02 | 000,017,408 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\iisreset.exe
[2014/05/05 12:18:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wamregps.dll
[2014/05/05 12:18:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqcertui.dll
[2014/05/05 12:18:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\iisrstap.dll
[2014/05/05 12:18:01 | 000,788,992 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqsnap.dll
[2014/05/05 12:18:01 | 000,563,200 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqutil.dll
[2014/05/05 12:18:01 | 000,253,440 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa.dll
[2014/05/05 12:18:01 | 000,231,424 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqsec.dll
[2014/05/05 12:18:01 | 000,227,840 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqrt.dll
[2014/05/05 12:18:01 | 000,226,816 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqad.dll
[2014/05/05 12:18:01 | 000,144,384 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqcmiplugin.dll
[2014/05/05 12:18:01 | 000,135,168 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqmigplugin.dll
[2014/05/05 12:18:01 | 000,122,368 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqlogmgr.dll
[2014/05/05 12:18:01 | 000,095,744 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa.tlb
[2014/05/05 12:18:01 | 000,090,112 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa30.tlb
[2014/05/05 12:18:01 | 000,054,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa20.tlb
[2014/05/05 12:18:01 | 000,036,352 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa10.tlb
[2014/05/05 12:18:01 | 000,026,112 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\ahadmin.dll
[2014/05/05 12:18:01 | 000,017,408 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqcertui.dll
[2014/05/05 12:18:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\iisreset.exe
[2014/05/05 12:18:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wamregps.dll
[2014/05/05 12:18:01 | 000,010,240 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\iisrstap.dll
[2014/05/05 12:18:00 | 001,408,512 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqqm.dll
[2014/05/05 12:18:00 | 000,563,712 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqutil.dll
[2014/05/05 12:18:00 | 000,302,080 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa.dll
[2014/05/05 12:18:00 | 000,184,832 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqsec.dll
[2014/05/05 12:18:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqad.dll
[2014/05/05 12:18:00 | 000,157,184 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqrt.dll
[2014/05/05 12:18:00 | 000,131,072 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqmigplugin.dll
[2014/05/05 12:18:00 | 000,118,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqcmiplugin.dll
[2014/05/05 12:17:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqbkup.exe
[2014/05/05 12:17:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqsvc.exe
[2014/05/05 12:17:49 | 000,778,936 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2014/05/05 12:17:49 | 000,102,608 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/05/05 12:17:49 | 000,035,480 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\TsWpfWrp.exe
[2014/05/05 12:17:48 | 001,166,520 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2014/05/05 12:17:48 | 000,124,112 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/05/05 12:17:48 | 000,035,480 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\TsWpfWrp.exe
[2014/05/05 10:41:33 | 000,000,000 | R--D | C] -- E:\Users\TC\OneDrive
[2014/05/05 10:38:33 | 000,000,000 | -HSD | C] -- E:\ProgramData\Favorites
[2014/05/05 10:33:01 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\SpeechEngines
[2014/05/05 10:32:59 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\SpeechEngines
[2014/05/05 10:30:24 | 000,000,000 | --SD | C] -- E:\Users\TC\AppData\Roaming\Microsoft
[2014/05/05 10:30:24 | 000,000,000 | R--D | C] -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/05/05 10:30:24 | 000,000,000 | R--D | C] -- E:\Users\TC\Favorites
[2014/05/05 10:30:24 | 000,000,000 | R--D | C] -- E:\Users\TC\Documents
[2014/05/05 10:30:24 | 000,000,000 | R--D | C] -- E:\Users\TC\Desktop
[2014/05/05 10:30:24 | 000,000,000 | R--D | C] -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/05/05 10:30:24 | 000,000,000 | R--D | C] -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\AppData\Local\Temporary Internet Files
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Templates
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Start Menu
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\SendTo
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Recent
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\PrintHood
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\NetHood
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Documents\My Videos
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Documents\My Pictures
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Documents\My Music
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\My Documents
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Local Settings
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\AppData\Local\History
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Cookies
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Application Data
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\AppData\Local\Application Data
[2014/05/05 10:30:24 | 000,000,000 | -H-D | C] -- E:\Users\TC\AppData
[2014/05/05 10:30:24 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\Temp
[2014/05/05 10:30:24 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\Microsoft
[2014/05/05 10:30:24 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/05/05 10:26:16 | 000,000,000 | ---D | C] -- E:\ProgramData\NVIDIA
[2014/05/05 10:26:13 | 006,714,312 | ---- | C] (NVIDIA Corporation) -- E:\WINDOWS\SysNative\nvcpl.dll
[2014/05/05 10:26:13 | 003,497,816 | ---- | C] (NVIDIA Corporation) -- E:\WINDOWS\SysNative\nvsvc64.dll
[2014/05/05 10:26:13 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- E:\WINDOWS\SysNative\nvmctray.dll
[2014/05/05 10:26:13 | 000,064,968 | ---- | C] (NVIDIA Corporation) -- E:\WINDOWS\SysNative\nvshext.dll
[2014/05/05 10:26:07 | 000,000,000 | ---D | C] -- E:\ProgramData\NVIDIA Corporation
[2014/05/05 10:26:04 | 000,000,000 | ---D | C] -- E:\Program Files\NVIDIA Corporation
[2014/05/05 10:25:59 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2014/05/05 10:25:59 | 000,000,000 | ---D | C] -- E:\ProgramData\EPSON
[2014/05/05 10:25:42 | 000,000,000 | ---D | C] -- E:\WINDOWS\Prefetch
[2014/04/30 13:41:01 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\Diagnostics
[2014/04/29 19:07:29 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Mozilla Thunderbird
[2014/04/29 15:03:17 | 000,000,000 | ---D | C] -- E:\ProgramData\Corel
[2014/04/29 15:01:42 | 000,000,000 | ---D | C] -- E:\Program Files\Corel
[2014/04/29 14:18:24 | 000,000,000 | ---D | C] -- E:\Users\TC\Documents\My Palettes
[2014/04/29 14:15:12 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Roaming\Corel
[2014/04/29 14:15:11 | 000,000,000 | ---D | C] -- E:\ProgramData\Protexis64
[2014/04/29 14:06:56 | 000,000,000 | ---D | C] -- E:\Users\TC\Documents\Corel
[2014/04/29 14:06:54 | 000,000,000 | ---D | C] -- E:\Users\TC\Documents\Visual Studio 2008
[2014/04/29 14:06:19 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft SDKs
[2014/04/29 14:06:18 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft Visual Studio 9.0
[2014/04/29 14:06:17 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft Help
[2014/04/29 14:06:01 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Intel
[2014/04/29 13:58:15 | 000,000,000 | ---D | C] -- E:\ProgramData\CorelDRAW Graphics Suite X6
[2014/04/25 08:40:28 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Avg Secure Update
[2014/04/24 12:49:30 | 000,000,000 | ---D | C] -- E:\AITEMP
[2014/04/22 11:31:56 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Roaming\TeamViewer
[2014/04/22 11:31:54 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\TeamViewer
[1 E:\WINDOWS\SysNative\*.tmp files -> E:\WINDOWS\SysNative\*.tmp -> ]
[1 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/05/20 10:53:28 | 000,625,664 | ---- | M] () -- E:\Users\TC\Desktop\dds.scr
[2014/05/20 10:53:02 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- E:\Users\TC\Desktop\HiJackThis (1).exe
[2014/05/20 10:50:05 | 000,994,000 | ---- | M] () -- E:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/05/20 10:50:05 | 000,823,842 | ---- | M] () -- E:\WINDOWS\SysNative\perfh009.dat
[2014/05/20 10:50:05 | 000,168,842 | ---- | M] () -- E:\WINDOWS\SysNative\perfc009.dat
[2014/05/20 10:44:58 | 000,002,203 | ---- | M] () -- E:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/20 10:44:53 | 000,067,584 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2014/05/20 10:43:53 | 000,000,886 | ---- | M] () -- E:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/20 10:43:35 | 000,000,386 | ---- | M] () -- E:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rmv.job
[2014/05/20 10:43:31 | 000,000,386 | ---- | M] () -- E:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rel.job
[2014/05/20 10:42:45 | 268,435,456 | -HS- | M] () -- E:\swapfile.sys
[2014/05/20 10:42:42 | 3170,185,216 | -HS- | M] () -- E:\hiberfil.sys
[2014/05/20 10:39:11 | 001,326,389 | ---- | M] () -- E:\Users\TC\Desktop\adwcleaner_3.210.exe
[2014/05/20 10:30:00 | 000,000,890 | ---- | M] () -- E:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/19 14:28:50 | 000,982,016 | ---- | M] (Farbar) -- E:\Users\TC\Desktop\MiniToolBox.exe
[2014/05/19 13:51:04 | 005,200,426 | ---- | M] (Swearware) -- E:\Users\TC\Desktop\ComboFix.exe
[2014/05/19 13:49:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\TC\Desktop\OTL.exe
[2014/05/19 10:21:27 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/19 10:21:04 | 005,318,392 | ---- | M] () -- E:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/05/19 10:08:13 | 001,016,261 | ---- | M] (Thisisu) -- E:\Users\TC\Desktop\JRT.exe
[2014/05/19 10:01:07 | 001,933,048 | ---- | M] (Bleeping Computer, LLC) -- E:\Users\TC\Desktop\rkill.exe
[2014/05/19 09:13:26 | 000,000,981 | ---- | M] () -- E:\Users\Public\Desktop\AVG 2014.lnk
[2014/05/16 09:37:45 | 000,005,728 | ---- | M] () -- E:\Users\Public\Documents\emailexport.csv
[2014/05/15 14:03:59 | 000,000,741 | ---- | M] () -- E:\WINDOWS\SysNative\drivers\etc\hosts
[2014/05/15 12:24:11 | 003,972,608 | ---- | M] () -- E:\Users\TC\Desktop\RogueKiller (1).exe
[2014/05/15 12:21:35 | 000,004,620 | ---- | M] () -- E:\WINDOWS\SysNative\.crusader
[2014/05/15 11:54:45 | 000,002,299 | ---- | M] () -- E:\Users\TC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/15 10:13:59 | 000,000,104 | ---- | M] () -- E:\index.ini
[2014/05/13 14:20:26 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgldx64.sys
[2014/05/13 14:06:06 | 000,323,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgloga.sys
[2014/05/13 14:05:40 | 000,191,768 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgidsha.sys
[2014/05/13 14:05:08 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgdiska.sys
[2014/05/13 14:05:06 | 000,130,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgmfx64.sys
[2014/05/13 14:04:56 | 000,236,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgidsdrivera.sys
[2014/05/13 14:04:30 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgrkx64.sys
[2014/05/12 17:19:22 | 000,000,000 | ---- | M] () -- E:\autoexec.bat
[2014/05/11 18:25:46 | 000,101,914 | ---- | M] () -- E:\Users\TC\Documents\Common Medical Authorization_1.pdf
[2014/05/11 18:20:10 | 000,083,455 | ---- | M] () -- E:\Users\TC\Documents\Common Medical Authorization.pdf
[2014/05/11 18:06:32 | 000,077,123 | ---- | M] () -- E:\Users\TC\Documents\sample_schedule_FOL1146.pdf
[2014/05/08 04:35:40 | 000,050,464 | ---- | M] (AVG Technologies) -- E:\WINDOWS\SysNative\drivers\avgtpx64.sys
[2014/05/06 11:05:50 | 000,000,162 | -H-- | M] () -- E:\Users\TC\Documents\~$inglet.htm
[2014/05/05 21:00:47 | 000,084,992 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mshtmled.dll
[2014/05/05 20:10:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/05 12:23:48 | 016,875,520 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/05/05 12:23:48 | 012,732,416 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/05/05 12:23:48 | 008,653,824 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/05/05 12:23:48 | 007,425,368 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ntoskrnl.exe
[2014/05/05 12:23:48 | 006,641,152 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mstscax.dll
[2014/05/05 12:23:48 | 005,833,728 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/05/05 12:23:48 | 005,770,752 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mstscax.dll
[2014/05/05 12:23:48 | 004,268,544 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SyncEngine.dll
[2014/05/05 12:23:48 | 002,900,992 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\msftedit.dll
[2014/05/05 12:23:48 | 002,641,920 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\authui.dll
[2014/05/05 12:23:48 | 002,373,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe
[2014/05/05 12:23:48 | 002,317,824 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\authui.dll
[2014/05/05 12:23:48 | 002,270,208 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\msftedit.dll
[2014/05/05 12:23:48 | 002,141,912 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\d3d11.dll
[2014/05/05 12:23:48 | 002,133,504 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dwmcore.dll
[2014/05/05 12:23:48 | 002,088,160 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\explorer.exe
[2014/05/05 12:23:48 | 001,843,712 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Display.dll
[2014/05/05 12:23:48 | 001,816,576 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Display.dll
[2014/05/05 12:23:48 | 001,779,800 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\d3d11.dll
[2014/05/05 12:23:48 | 001,764,864 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\dwmcore.dll
[2014/05/05 12:23:48 | 001,656,832 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\GdiPlus.dll
[2014/05/05 12:23:48 | 001,542,768 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ole32.dll
[2014/05/05 12:23:48 | 001,466,864 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\propsys.dll
[2014/05/05 12:23:48 | 001,411,584 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\lsasrv.dll
[2014/05/05 12:23:48 | 001,351,168 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\GdiPlus.dll
[2014/05/05 12:23:48 | 001,339,240 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\gdi32.dll
[2014/05/05 12:23:48 | 001,306,624 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/05/05 12:23:48 | 001,291,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\kernel32.dll
[2014/05/05 12:23:48 | 001,230,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Media.dll
[2014/05/05 12:23:48 | 001,129,472 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SearchFolder.dll
[2014/05/05 12:23:48 | 001,112,536 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\KernelBase.dll
[2014/05/05 12:23:48 | 001,057,280 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\rdvidcrl.dll
[2014/05/05 12:23:48 | 001,023,488 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\localspl.dll
[2014/05/05 12:23:48 | 001,015,808 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\aclui.dll
[2014/05/05 12:23:48 | 000,958,464 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/05/05 12:23:48 | 000,950,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ReAgent.dll
[2014/05/05 12:23:48 | 000,924,160 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/05/05 12:23:48 | 000,918,528 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MrmCoreR.dll
[2014/05/05 12:23:48 | 000,888,320 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Media.dll
[2014/05/05 12:23:48 | 000,887,296 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\aclui.dll
[2014/05/05 12:23:48 | 000,872,448 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SkyDrive.exe
[2014/05/05 12:23:48 | 000,855,552 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/05/05 12:23:48 | 000,834,560 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\netlogon.dll
[2014/05/05 12:23:48 | 000,801,792 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/05/05 12:23:48 | 000,800,256 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\ReAgent.dll
[2014/05/05 12:23:48 | 000,731,648 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\adtschema.dll
[2014/05/05 12:23:48 | 000,731,648 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\adtschema.dll
[2014/05/05 12:23:48 | 000,721,408 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/05/05 12:23:48 | 000,717,312 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\nshwfp.dll
[2014/05/05 12:23:48 | 000,669,696 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\rasapi32.dll
[2014/05/05 12:23:48 | 000,667,136 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\gpprefcl.dll
[2014/05/05 12:23:48 | 000,655,360 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dnsapi.dll
[2014/05/05 12:23:48 | 000,629,760 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/05/05 12:23:48 | 000,621,568 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MDMAgent.exe
[2014/05/05 12:23:48 | 000,589,824 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\gpprefcl.dll
[2014/05/05 12:23:48 | 000,567,296 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\nshwfp.dll
[2014/05/05 12:23:48 | 000,563,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AdmTmpl.dll
[2014/05/05 12:23:48 | 000,542,208 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2014/05/05 12:23:48 | 000,518,552 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dxgi.dll
[2014/05/05 12:23:48 | 000,512,000 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlidprov.dll
[2014/05/05 12:23:48 | 000,492,256 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mfsvr.dll
[2014/05/05 12:23:48 | 000,488,280 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\netcfgx.dll
[2014/05/05 12:23:48 | 000,467,800 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/05/05 12:23:48 | 000,467,504 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AudioSes.dll
[2014/05/05 12:23:48 | 000,463,264 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AudioEng.dll
[2014/05/05 12:23:48 | 000,462,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlangpui.dll
[2014/05/05 12:23:48 | 000,444,928 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AdmTmpl.dll
[2014/05/05 12:23:48 | 000,443,904 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlansec.dll
[2014/05/05 12:23:48 | 000,428,888 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/05/05 12:23:48 | 000,425,984 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\clusapi.dll
[2014/05/05 12:23:48 | 000,412,672 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014/05/05 12:23:48 | 000,402,432 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2014/05/05 12:23:48 | 000,390,488 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\netcfgx.dll
[2014/05/05 12:23:48 | 000,388,408 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mfsvr.dll
[2014/05/05 12:23:48 | 000,387,210 | ---- | M] () -- E:\WINDOWS\SysNative\ApnDatabase.xml
[2014/05/05 12:23:48 | 000,386,560 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlangpui.dll
[2014/05/05 12:23:48 | 000,379,224 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/05/05 12:23:48 | 000,376,152 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\clfs.sys
[2014/05/05 12:23:48 | 000,370,176 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlanmsm.dll
[2014/05/05 12:23:48 | 000,364,640 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/05/05 12:23:48 | 000,360,512 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mfreadwrite.dll
[2014/05/05 12:23:48 | 000,356,864 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlidprov.dll
[2014/05/05 12:23:48 | 000,356,848 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dcomp.dll
[2014/05/05 12:23:48 | 000,355,832 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/05/05 12:23:48 | 000,337,752 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014/05/05 12:23:48 | 000,334,848 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MDEServer.exe
[2014/05/05 12:23:48 | 000,325,632 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\LocationApi.dll
[2014/05/05 12:23:48 | 000,313,344 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\clusapi.dll
[2014/05/05 12:23:48 | 000,305,768 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/05/05 12:23:48 | 000,300,544 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlanmsm.dll
[2014/05/05 12:23:48 | 000,299,008 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\pdh.dll
[2014/05/05 12:23:48 | 000,298,496 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WSDMon.dll
[2014/05/05 12:23:48 | 000,296,960 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlanapi.dll
[2014/05/05 12:23:48 | 000,291,840 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2014/05/05 12:23:48 | 000,274,944 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WsmWmiPl.dll
[2014/05/05 12:23:48 | 000,271,872 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\spp.dll
[2014/05/05 12:23:48 | 000,264,192 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014/05/05 12:23:48 | 000,262,656 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\LocationApi.dll
[2014/05/05 12:23:48 | 000,254,976 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\pdh.dll
[2014/05/05 12:23:48 | 000,252,928 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/05/05 12:23:48 | 000,247,296 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SensorsApi.dll
[2014/05/05 12:23:48 | 000,244,888 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\audiodg.exe
[2014/05/05 12:23:48 | 000,230,400 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlanapi.dll
[2014/05/05 12:23:48 | 000,226,304 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2014/05/05 12:23:48 | 000,222,720 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\dcomp.dll
[2014/05/05 12:23:48 | 000,212,992 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\cdd.dll
[2014/05/05 12:23:48 | 000,201,216 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ReInfo.dll
[2014/05/05 12:23:48 | 000,201,216 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/05/05 12:23:48 | 000,197,632 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/05/05 12:23:48 | 000,192,000 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2014/05/05 12:23:48 | 000,186,368 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dafWfdProvider.dll
[2014/05/05 12:23:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\ReInfo.dll
[2014/05/05 12:23:48 | 000,171,008 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\SensorsApi.dll
[2014/05/05 12:23:48 | 000,160,768 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppxAllUserStore.dll
[2014/05/05 12:23:48 | 000,157,016 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\wof.sys
[2014/05/05 12:23:48 | 000,151,040 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2014/05/05 12:23:48 | 000,139,776 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2014/05/05 12:23:48 | 000,136,024 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014/05/05 12:23:48 | 000,115,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\DevPropMgr.dll
[2014/05/05 12:23:48 | 000,113,648 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\userenv.dll
[2014/05/05 12:23:48 | 000,111,616 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\hidclass.sys
[2014/05/05 12:23:48 | 000,110,592 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drvinst.exe
[2014/05/05 12:23:48 | 000,102,912 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\davclnt.dll
[2014/05/05 12:23:48 | 000,098,816 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\drvinst.exe
[2014/05/05 12:23:48 | 000,086,016 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\RMapi.dll
[2014/05/05 12:23:48 | 000,083,968 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\sxproxy.dll
[2014/05/05 12:23:48 | 000,079,360 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\w32tm.exe
[2014/05/05 12:23:48 | 000,070,656 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\w32tm.exe
[2014/05/05 12:23:48 | 000,069,120 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\l2gpstore.dll
[2014/05/05 12:23:48 | 000,064,512 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\tsgqec.dll
[2014/05/05 12:23:48 | 000,058,368 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\l2gpstore.dll
[2014/05/05 12:23:48 | 000,057,856 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drvcfg.exe
[2014/05/05 12:23:48 | 000,053,248 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\tsgqec.dll
[2014/05/05 12:23:48 | 000,051,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\UMDF\HidBthLE.dll
[2014/05/05 12:23:48 | 000,040,960 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/05/05 12:23:48 | 000,040,448 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SetNetworkLocation.dll
[2014/05/05 12:23:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/05/05 12:23:48 | 000,033,792 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\sxproxy.dll
[2014/05/05 12:23:48 | 000,030,208 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/05/05 12:23:48 | 000,027,136 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/05/05 12:23:48 | 000,011,264 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlanhlp.dll
[2014/05/05 12:23:48 | 000,011,264 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlanhlp.dll
[2014/05/05 12:18:02 | 000,606,720 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqsnap.dll
[2014/05/05 12:18:02 | 000,192,000 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\iisRtl.dll
[2014/05/05 12:18:02 | 000,173,568 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\mqac.sys
[2014/05/05 12:18:02 | 000,157,696 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\iisRtl.dll
[2014/05/05 12:18:02 | 000,095,744 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa.tlb
[2014/05/05 12:18:02 | 000,090,112 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa30.tlb
[2014/05/05 12:18:02 | 000,062,976 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ahadmin.dll
[2014/05/05 12:18:02 | 000,054,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa20.tlb
[2014/05/05 12:18:02 | 000,054,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\admwprox.dll
[2014/05/05 12:18:02 | 000,051,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\admwprox.dll
[2014/05/05 12:18:02 | 000,036,352 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa10.tlb
[2014/05/05 12:18:02 | 000,017,408 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\iisreset.exe
[2014/05/05 12:18:02 | 000,015,360 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wamregps.dll
[2014/05/05 12:18:02 | 000,014,848 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqcertui.dll
[2014/05/05 12:18:02 | 000,012,288 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\iisrstap.dll
[2014/05/05 12:18:01 | 000,788,992 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqsnap.dll
[2014/05/05 12:18:01 | 000,563,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqutil.dll
[2014/05/05 12:18:01 | 000,253,440 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa.dll
[2014/05/05 12:18:01 | 000,231,424 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqsec.dll
[2014/05/05 12:18:01 | 000,227,840 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqrt.dll
[2014/05/05 12:18:01 | 000,226,816 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqad.dll
[2014/05/05 12:18:01 | 000,144,384 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqcmiplugin.dll
[2014/05/05 12:18:01 | 000,135,168 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqmigplugin.dll
[2014/05/05 12:18:01 | 000,122,368 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqlogmgr.dll
[2014/05/05 12:18:01 | 000,095,744 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa.tlb
[2014/05/05 12:18:01 | 000,090,112 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa30.tlb
[2014/05/05 12:18:01 | 000,054,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa20.tlb
[2014/05/05 12:18:01 | 000,036,352 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa10.tlb
[2014/05/05 12:18:01 | 000,026,112 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\ahadmin.dll
[2014/05/05 12:18:01 | 000,017,408 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqcertui.dll
[2014/05/05 12:18:01 | 000,016,384 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\iisreset.exe
[2014/05/05 12:18:01 | 000,011,264 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wamregps.dll
[2014/05/05 12:18:01 | 000,010,240 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\iisrstap.dll
[2014/05/05 12:18:01 | 000,009,096 | ---- | M] () -- E:\WINDOWS\SysWow64\msmqtrc.mof
[2014/05/05 12:18:00 | 001,408,512 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqqm.dll
[2014/05/05 12:18:00 | 000,563,712 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqutil.dll
[2014/05/05 12:18:00 | 000,302,080 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa.dll
[2014/05/05 12:18:00 | 000,184,832 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqsec.dll
[2014/05/05 12:18:00 | 000,176,640 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqad.dll
[2014/05/05 12:18:00 | 000,157,184 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqrt.dll
[2014/05/05 12:18:00 | 000,131,072 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqmigplugin.dll
[2014/05/05 12:18:00 | 000,118,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqcmiplugin.dll
[2014/05/05 12:18:00 | 000,009,096 | ---- | M] () -- E:\WINDOWS\SysNative\msmqtrc.mof
[2014/05/05 12:17:59 | 000,051,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqbkup.exe
[2014/05/05 12:17:59 | 000,025,600 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqsvc.exe
[2014/05/05 10:38:02 | 000,028,578 | ---- | M] () -- E:\WINDOWS\diagwrn.xml
[2014/05/05 10:38:02 | 000,028,578 | ---- | M] () -- E:\WINDOWS\diagerr.xml
[2014/05/05 10:37:52 | 000,022,840 | ---- | M] () -- E:\WINDOWS\SysNative\emptyregdb.dat
[2014/05/05 10:26:55 | 000,966,512 | ---- | M] () -- E:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/05/05 10:26:01 | 000,000,000 | -H-- | M] () -- E:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/05/05 09:31:35 | 000,001,518 | ---- | M] () -- E:\Users\Public\Desktop\Adobe Application Manager.lnk
[2014/05/02 07:09:44 | 000,000,132 | ---- | M] () -- E:\Users\TC\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2014/05/01 14:30:26 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- E:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/05/01 14:30:26 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- E:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/01 08:11:20 | 000,002,110 | ---- | M] () -- E:\Users\TC\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014/04/29 11:20:03 | 000,961,585 | ---- | M] () -- E:\Users\TC\Documents\New Doc 2 - Scanned by CamScanner.pdf
[2014/04/29 11:05:10 | 000,227,579 | ---- | M] () -- E:\Users\TC\Documents\emails.pdf
[2014/04/24 18:26:17 | 000,001,456 | ---- | M] () -- E:\Users\TC\AppData\Local\Adobe Save for Web 13.0 Prefs
[2014/04/24 10:57:50 | 000,001,043 | ---- | M] () -- E:\Users\TC\Application Data\Microsoft\Internet Explorer\Quick Launch\Fotosizer.lnk
[2014/04/24 10:57:50 | 000,001,019 | ---- | M] () -- E:\Users\Public\Desktop\Fotosizer.lnk
[1 E:\WINDOWS\SysNative\*.tmp files -> E:\WINDOWS\SysNative\*.tmp -> ]
[1 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/05/20 10:53:28 | 000,625,664 | ---- | C] () -- E:\Users\TC\Desktop\dds.scr
[2014/05/20 10:39:04 | 001,326,389 | ---- | C] () -- E:\Users\TC\Desktop\adwcleaner_3.210.exe
[2014/05/19 17:06:40 | 000,001,321 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2014/05/19 17:06:38 | 000,001,390 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2014/05/19 17:06:33 | 000,001,474 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2014/05/19 17:06:30 | 000,002,502 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2014/05/16 09:37:45 | 000,005,728 | ---- | C] () -- E:\Users\Public\Documents\emailexport.csv
[2014/05/15 12:24:06 | 003,972,608 | ---- | C] () -- E:\Users\TC\Desktop\RogueKiller (1).exe
[2014/05/15 12:21:35 | 000,004,620 | ---- | C] () -- E:\WINDOWS\SysNative\.crusader
[2014/05/15 10:13:18 | 000,000,104 | ---- | C] () -- E:\index.ini
[2014/05/12 17:19:22 | 000,000,000 | ---- | C] () -- E:\autoexec.bat
[2014/05/11 18:21:32 | 000,101,914 | ---- | C] () -- E:\Users\TC\Documents\Common Medical Authorization_1.pdf
[2014/05/11 18:20:09 | 000,083,455 | ---- | C] () -- E:\Users\TC\Documents\Common Medical Authorization.pdf
[2014/05/11 18:06:32 | 000,077,123 | ---- | C] () -- E:\Users\TC\Documents\sample_schedule_FOL1146.pdf
[2014/05/06 11:05:50 | 000,000,162 | -H-- | C] () -- E:\Users\TC\Documents\~$inglet.htm
[2014/05/05 12:23:48 | 000,387,210 | ---- | C] () -- E:\WINDOWS\SysNative\ApnDatabase.xml
[2014/05/05 12:18:01 | 000,009,096 | ---- | C] () -- E:\WINDOWS\SysWow64\msmqtrc.mof
[2014/05/05 12:18:00 | 000,009,096 | ---- | C] () -- E:\WINDOWS\SysNative\msmqtrc.mof
[2014/05/05 10:40:30 | 000,001,442 | ---- | C] () -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/05/05 10:33:28 | 000,001,547 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/05/05 10:30:27 | 000,028,578 | ---- | C] () -- E:\WINDOWS\diagwrn.xml
[2014/05/05 10:30:27 | 000,028,578 | ---- | C] () -- E:\WINDOWS\diagerr.xml
[2014/05/05 10:30:24 | 000,000,369 | ---- | C] () -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/05/05 10:30:24 | 000,000,369 | ---- | C] () -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/05/05 10:30:24 | 000,000,352 | ---- | C] () -- E:\Users\TC\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/05/05 10:30:24 | 000,000,334 | ---- | C] () -- E:\Users\TC\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/05/05 10:26:55 | 000,966,512 | ---- | C] () -- E:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/05/05 10:26:01 | 000,000,000 | -H-- | C] () -- E:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/05/05 09:36:18 | 000,001,195 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS6.lnk
[2014/05/05 09:35:26 | 000,001,169 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2014/05/05 09:34:53 | 000,001,285 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
[2014/04/29 11:20:03 | 000,961,585 | ---- | C] () -- E:\Users\TC\Documents\New Doc 2 - Scanned by CamScanner.pdf
[2014/04/29 11:05:09 | 000,227,579 | ---- | C] () -- E:\Users\TC\Documents\emails.pdf
[2014/04/25 08:40:28 | 000,000,386 | ---- | C] () -- E:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rmv.job
[2014/04/25 08:40:28 | 000,000,386 | ---- | C] () -- E:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rel.job
[2014/03/18 04:15:05 | 000,002,255 | ---- | C] () -- E:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 04:14:37 | 000,103,936 | ---- | C] () -- E:\WINDOWS\SysWow64\OEMLicense.dll
[2014/03/04 20:29:25 | 000,000,132 | ---- | C] () -- E:\Users\TC\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
[2014/02/26 15:47:03 | 000,001,456 | ---- | C] () -- E:\Users\TC\AppData\Local\Adobe Save for Web 13.0 Prefs
[2014/02/13 10:33:58 | 000,000,132 | ---- | C] () -- E:\Users\TC\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2014/02/01 19:09:43 | 000,000,075 | ---- | C] () -- E:\ProgramData\nvUnsupRes.dat
[2013/08/22 09:36:43 | 000,215,943 | ---- | C] () -- E:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 09:36:42 | 000,000,741 | ---- | C] () -- E:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 08:46:23 | 000,067,584 | --S- | C] () -- E:\WINDOWS\bootstat.dat
[2013/08/22 01:01:23 | 000,043,131 | ---- | C] () -- E:\WINDOWS\mib.bin
[2013/08/21 21:32:36 | 000,046,080 | ---- | C] () -- E:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 17:55:20 | 000,364,544 | ---- | C] () -- E:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 17:52:39 | 000,673,088 | ---- | C] () -- E:\WINDOWS\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2014/05/12 02:30:29 | 000,000,227 | RHS- | M] () -- E:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = E:\Windows\SysNative\shell32.dll -- [2014/03/27 03:12:37 | 021,225,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/27 01:48:28 | 018,679,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = E:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 03:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 20:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = E:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 03:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/05/12 22:50:22 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\Angry_Birds
[2014/02/25 10:44:17 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\AVG
[2014/04/09 12:22:22 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\AVG2014
[2014/05/04 23:35:07 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\Azureus
[2014/02/14 16:10:05 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014/05/06 13:10:34 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\FileZilla
[2014/02/10 13:39:22 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\PDAppFlex
[2014/01/31 22:35:03 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014/04/22 11:31:56 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\TeamViewer
[2014/02/18 13:04:21 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\TemplateToaster
[2014/01/31 21:15:41 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\Thunderbird
[2014/02/22 08:24:29 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\TuneUp Software

========== Purity Check ==========



========== Custom Scans ==========

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< %temp%\smtmp\*.* /s > >

< MD5 for: EXPLORER.ADML >
[2014/03/18 03:32:08 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- E:\Windows\PolicyDefinitions\en-US\Explorer.adml
[2014/03/18 03:32:08 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- E:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.3.9600.17031_en-us_13f1d1e13e26c343\Explorer.adml

< MD5 for: EXPLORER.ADMX >
[2013/06/18 08:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- E:\Windows\PolicyDefinitions\Explorer.admx
[2013/06/18 08:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- E:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.3.9600.17031_none_06abfc02c4a730f6\Explorer.admx

< MD5 for: EXPLORER.DESIGNER.VB >
[2008/07/30 06:54:20 | 000,036,545 | ---- | M] () MD5=0BFA552D19A4A7F9130A71DFBBCB1407 -- E:\ProgramData\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.designer.vb
[2008/07/30 06:54:20 | 000,036,545 | ---- | M] () MD5=0BFA552D19A4A7F9130A71DFBBCB1407 -- E:\ProgramData\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.designer.vb
[2008/07/30 06:54:20 | 000,036,545 | ---- | M] () MD5=0BFA552D19A4A7F9130A71DFBBCB1407 -- E:\Users\All Users\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.designer.vb
[2008/07/30 06:54:20 | 000,036,545 | ---- | M] () MD5=0BFA552D19A4A7F9130A71DFBBCB1407 -- E:\Users\All Users\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.designer.vb

< MD5 for: EXPLORER.EXE >
[2014/05/05 12:23:48 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- E:\Windows\SysWOW64\explorer.exe
[2014/05/05 12:23:48 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- E:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/05/12 05:02:07 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- E:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2014/05/12 04:53:30 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- E:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/05/05 12:23:48 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- E:\Windows\explorer.exe
[2014/05/05 12:23:48 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- E:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe

< MD5 for: EXPLORER.EXE.MUI >
[2014/03/18 04:14:56 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\en-US\explorer.exe.mui
[2014/03/18 04:14:56 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\SysWOW64\en-US\explorer.exe.mui
[2014/03/18 04:14:56 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.17031_en-us_f6e3d96c47731bda\explorer.exe.mui
[2014/03/18 04:14:56 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.17031_en-us_013883be7bd3ddd5\explorer.exe.mui

< MD5 for: EXPLORER.EXE-7A3328DA.PF >
[2014/05/20 10:47:51 | 000,297,270 | ---- | M] () MD5=D9571FDD3B0E9837C1E16F9F0D3EE810 -- E:\Windows\Prefetch\EXPLORER.EXE-7A3328DA.pf

< MD5 for: EXPLORER.RESX >
[2008/07/30 06:54:20 | 000,040,049 | ---- | M] () MD5=B16D2C77324DE7222CB0EA55C7B32784 -- E:\ProgramData\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.resx
[2008/07/30 06:54:20 | 000,040,049 | ---- | M] () MD5=B16D2C77324DE7222CB0EA55C7B32784 -- E:\ProgramData\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.resx
[2008/07/30 06:54:20 | 000,040,049 | ---- | M] () MD5=B16D2C77324DE7222CB0EA55C7B32784 -- E:\Users\All Users\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.resx
[2008/07/30 06:54:20 | 000,040,049 | ---- | M] () MD5=B16D2C77324DE7222CB0EA55C7B32784 -- E:\Users\All Users\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.resx

< MD5 for: EXPLORER.VB >
[2008/07/30 06:54:20 | 000,008,501 | ---- | M] () MD5=55808E7AF87B5C18B97707BEF8EBDDEA -- E:\ProgramData\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vb
[2008/07/30 06:54:20 | 000,008,501 | ---- | M] () MD5=55808E7AF87B5C18B97707BEF8EBDDEA -- E:\ProgramData\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vb
[2008/07/30 06:54:20 | 000,008,501 | ---- | M] () MD5=55808E7AF87B5C18B97707BEF8EBDDEA -- E:\Users\All Users\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vb
[2008/07/30 06:54:20 | 000,008,501 | ---- | M] () MD5=55808E7AF87B5C18B97707BEF8EBDDEA -- E:\Users\All Users\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vb

< MD5 for: EXPLORER.VSTEMPLATE >
[2008/07/30 06:54:20 | 000,006,491 | ---- | M] () MD5=FB731348042E3356E2215A6747CE893C -- E:\ProgramData\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vstemplate
[2008/07/30 06:54:20 | 000,006,491 | ---- | M] () MD5=FB731348042E3356E2215A6747CE893C -- E:\ProgramData\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vstemplate
[2008/07/30 06:54:20 | 000,006,491 | ---- | M] () MD5=FB731348042E3356E2215A6747CE893C -- E:\Users\All Users\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vstemplate
[2008/07/30 06:54:20 | 000,006,491 | ---- | M] () MD5=FB731348042E3356E2215A6747CE893C -- E:\Users\All Users\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vstemplate

< MD5 for: EXPLORER.ZIP >
[2008/07/30 06:54:22 | 000,024,306 | ---- | M] () MD5=15FB707D04E269482E95D08430955719 -- E:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\ItemTemplates\VisualBasic\Windows Forms\1033\Explorer.zip

< MD5 for: IEXPLORE.BAT >
[2014/04/05 23:13:18 | 000,031,401 | ---- | M] () MD5=335DFF8F23E5EC02B5426362F0F8509B -- E:\Users\TC\AppData\Local\Temp\jrt\iexplore.bat

< MD5 for: IEXPLORE.EXE >
[2014/03/18 04:28:15 | 000,811,696 | ---- | M] (Microsoft Corporation) MD5=3EBF452B807F412EC0F19141ADA060E5 -- E:\Program Files (x86)\Internet Explorer\iexplore.exe
[2014/03/18 04:28:15 | 000,811,696 | ---- | M] (Microsoft Corporation) MD5=3EBF452B807F412EC0F19141ADA060E5 -- E:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.17037_none_a6eb9498c5079540\iexplore.exe
[2014/03/18 04:28:15 | 000,809,648 | ---- | M] (Microsoft Corporation) MD5=B015ECD030DA9A979E6D1A3D25F8FD86 -- E:\Program Files\Internet Explorer\iexplore.exe
[2014/03/18 04:28:15 | 000,809,648 | ---- | M] (Microsoft Corporation) MD5=B015ECD030DA9A979E6D1A3D25F8FD86 -- E:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.17037_none_9c96ea4690a6d345\iexplore.exe

< MD5 for: IEXPLORE.EXE.MUI >
[2014/03/18 03:32:09 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- E:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2014/03/18 03:32:09 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- E:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2014/03/18 03:32:09 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- E:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_962853ddc8679ca8\iexplore.exe.mui
[2014/03/18 03:32:09 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- E:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_a07cfe2ffcc85ea3\iexplore.exe.mui

< MD5 for: IEXPLORE.EXE-1B894AFB.PF >
[2014/05/16 11:34:48 | 000,130,474 | ---- | M] () MD5=A3D79372A13F27509CAC264969CF13F0 -- E:\Windows\Prefetch\IEXPLORE.EXE-1B894AFB.pf

< MD5 for: IEXPLORE.EXE-F6A52C88.PF >
[2014/05/16 11:34:48 | 000,334,264 | ---- | M] () MD5=7EBB57CBEA8162D8F6A1D497CD585E59 -- E:\Windows\Prefetch\IEXPLORE.EXE-F6A52C88.pf

< MD5 for: IEXPLORE.VISUALELEMENTSMANIFEST.XML >
[2013/06/18 08:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- E:\Program Files\Internet Explorer\iexplore.VisualElementsManifest.xml
[2013/06/18 08:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- E:\Windows\WinSxS\amd64_microsoft-windows-immersivebrowser_31bf3856ad364e35_11.0.9600.16384_none_c673d0d2f4ca87f4\iexplore.VisualElementsManifest.xml

< MD5 for: SERVICES >
[2013/08/22 09:04:54 | 000,003,777 | ---- | M] () MD5=5EE2D65841D1985E8C1BC68B2EB4357B -- E:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.3.9600.16384_none_25fdfd813908f8a6\services

< MD5 for: SERVICES.AIP >
[2012/03/29 21:35:50 | 000,297,104 | ---- | M] (Adobe Systems Incorporated) MD5=8311BFD3FD21EB8089259C491406A7B0 -- E:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Plug-ins\Extensions\Services.aip

< MD5 for: SERVICES.ASFX >
[2012/01/03 07:10:54 | 000,003,312 | ---- | M] () MD5=635BB28624835AC3C03696B1C74E7B9A -- E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\Services\Services.asfx
[2012/01/03 07:10:54 | 000,003,252 | ---- | M] () MD5=B2F4D7E7D9563E1A6260039B2F26E61A -- E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\fr_FR\Services\Services.asfx

< MD5 for: SERVICES.CFG >
[2012/01/03 07:10:56 | 000,585,874 | ---- | M] () MD5=0E19E0BEA7B159153258688CF8ED7716 -- E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Services\Services.cfg
[2010/10/25 16:13:46 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- E:\Windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\services.cfg

< MD5 for: SERVICES.DAT >
[2014/04/05 22:32:27 | 000,004,173 | ---- | M] () MD5=ED018DB6916ACAB46011A330B4B116AA -- E:\Users\TC\AppData\Local\Temp\jrt\services.dat

< MD5 for: SERVICES.EXE >
[2013/08/22 07:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- E:\WINDOWS\SysNative\services.exe
[2013/08/22 07:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- E:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2014/03/18 03:31:50 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\WINDOWS\SysNative\en-US\services.exe.mui
[2014/03/18 03:31:50 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.3.9600.16384_en-us_5abba721f9ec3435\services.exe.mui

< MD5 for: SERVICES.JS >
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingNews_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js

< MD5 for: SERVICES.LNK >
[2013/08/22 00:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 00:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- E:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 00:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- E:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.lnk

< MD5 for: SERVICES.MOF >
[2013/06/18 08:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- E:\WINDOWS\SysNative\wbem\services.mof
[2013/06/18 08:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- E:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\services.mof

< MD5 for: SERVICES.MSC >
[2014/03/18 03:31:51 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\WINDOWS\SysNative\en-US\services.msc
[2013/06/18 08:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\WINDOWS\SysNative\services.msc
[2014/03/18 03:31:51 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\Windows\SysWOW64\en-US\services.msc
[2013/06/18 06:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\Windows\SysWOW64\services.msc
[2014/03/18 03:31:51 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_94fd770dd055ce28\services.msc
[2013/06/18 08:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.msc
[2013/06/18 06:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_ca76ed014e12ad52\services.msc
[2014/03/18 03:31:51 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_38dedb8a17f85cf2\services.msc

< MD5 for: SERVICES.PTXML >
[2013/08/22 00:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- E:\WINDOWS\SysNative\wdi\perftrack\Services.ptxml
[2013/08/22 00:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- E:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\Services.ptxml

< MD5 for: WINLOGON.ADML >
[2014/03/18 03:32:07 | 000,008,978 | ---- | M] () MD5=AD266AC436809BBDC0A19A05E80904A8 -- E:\Windows\PolicyDefinitions\en-US\WinLogon.adml
[2014/03/18 03:32:07 | 000,008,978 | ---- | M] () MD5=AD266AC436809BBDC0A19A05E80904A8 -- E:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.3.9600.16384_en-us_85c27192b0d9003d\WinLogon.adml

< MD5 for: WINLOGON.ADMX >
[2014/03/18 03:45:58 | 000,005,790 | ---- | M] () MD5=940072E0DE8621F5AB0028A96309221E -- E:\Windows\PolicyDefinitions\WinLogon.admx
[2014/03/18 03:45:58 | 000,005,790 | ---- | M] () MD5=940072E0DE8621F5AB0028A96309221E -- E:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.3.9600.16384_none_6bcbbccd4d39421a\WinLogon.admx

< MD5 for: WINLOGON.EXE >
[2014/03/18 04:14:50 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- E:\WINDOWS\SysNative\winlogon.exe
[2014/03/18 04:14:50 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- E:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe

< MD5 for: WINLOGON.EXE.MUI >
[2014/03/18 03:32:01 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- E:\WINDOWS\SysNative\en-US\winlogon.exe.mui
[2014/03/18 03:32:01 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- E:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.3.9600.16384_en-us_bbb6f195d80d78ae\winlogon.exe.mui

< MD5 for: WINLOGON.EXE-A7332602.PF >
[2014/05/16 13:20:59 | 000,007,420 | ---- | M] () MD5=8D26E727174EB7884C6984C24437FBB9 -- E:\Windows\Prefetch\WINLOGON.EXE-A7332602.pf

< MD5 for: WINLOGON.MFL >
[2014/03/18 03:32:01 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- E:\WINDOWS\SysNative\wbem\en-US\winlogon.mfl
[2014/03/18 03:32:01 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- E:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.3.9600.16384_en-us_19794360f345d243\winlogon.mfl

< MD5 for: WINLOGON.MOF >
[2013/08/22 00:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- E:\WINDOWS\SysNative\wbem\winlogon.mof
[2013/08/22 00:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- E:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.3.9600.16384_none_70f729db49dee3dc\winlogon.mof

< %SYSTEMDRIVE%\*.* >
[2014/05/12 17:19:22 | 000,000,000 | ---- | M] () -- E:\autoexec.bat
[2013/06/18 06:18:29 | 000,000,001 | --S- | M] () -- E:\BOOTNXT
[2014/05/20 10:42:42 | 3170,185,216 | -HS- | M] () -- E:\hiberfil.sys
[2014/05/15 10:13:59 | 000,000,104 | ---- | M] () -- E:\index.ini
[2014/05/20 10:42:45 | 4294,967,295 | -HS- | M] () -- E:\pagefile.sys
[2014/05/20 10:42:45 | 268,435,456 | -HS- | M] () -- E:\swapfile.sys
[2014/05/19 13:34:17 | 000,213,852 | ---- | M] () -- E:\TDSSKiller.3.0.0.34_19.05.2014_13.33.38_log.txt

< %systemroot%\Fonts\*.com >
[2014/05/05 12:18:03 | 000,026,040 | ---- | M] () -- E:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2014/05/05 12:18:03 | 000,026,489 | ---- | M] () -- E:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2014/05/05 12:18:03 | 000,029,779 | ---- | M] () -- E:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2014/05/05 12:18:03 | 000,043,318 | ---- | M] () -- E:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2013/08/22 09:35:03 | 000,000,065 | ---- | M] () -- E:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2014/03/31 21:34:22 | 000,322,248 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\WLXPGSS.SCR
[1 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2013/08/22 09:34:52 | 000,000,174 | -HS- | M] () -- E:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive E has no label.
Volume Serial Number is 06A4-EA5E
Directory of E:\
08/22/2013 08:45 AM Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of E:\ProgramData
08/22/2013 08:45 AM Application Data [E:\ProgramData]
08/22/2013 08:45 AM Desktop [E:\Users\Public\Desktop]
08/22/2013 08:45 AM Documents [E:\Users\Public\Documents]
05/05/2014 10:38 AM Favorites [E:\Users\Public\Favorites]
08/22/2013 08:45 AM Start Menu [E:\ProgramData\Microsoft\Windows\Start Menu]
08/22/2013 08:45 AM Templates [E:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of E:\Users
08/22/2013 08:45 AM All Users [E:\ProgramData]
08/22/2013 08:45 AM Default User [E:\Users\Default]
0 File(s) 0 bytes
Directory of E:\Users\All Users
08/22/2013 08:45 AM Application Data [E:\ProgramData]
08/22/2013 08:45 AM Desktop [E:\Users\Public\Desktop]
08/22/2013 08:45 AM Documents [E:\Users\Public\Documents]
05/05/2014 10:38 AM Favorites [E:\Users\Public\Favorites]
08/22/2013 08:45 AM Start Menu [E:\ProgramData\Microsoft\Windows\Start Menu]
08/22/2013 08:45 AM Templates [E:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of E:\Users\Default
08/22/2013 08:45 AM Application Data [E:\Users\Default\AppData\Roaming]
08/22/2013 08:45 AM Cookies [E:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies]
08/22/2013 08:45 AM Local Settings [E:\Users\Default\AppData\Local]
08/22/2013 08:45 AM My Documents [E:\Users\Default\Documents]
08/22/2013 08:45 AM NetHood [E:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/22/2013 08:45 AM PrintHood [E:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/22/2013 08:45 AM Recent [E:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
08/22/2013 08:45 AM SendTo [E:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
08/22/2013 08:45 AM Start Menu [E:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
08/22/2013 08:45 AM Templates [E:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of E:\Users\Default\AppData\Local
08/22/2013 08:45 AM Application Data [E:\Users\Default\AppData\Local]
08/22/2013 08:45 AM History [E:\Users\Default\AppData\Local\Microsoft\Windows\History]
08/22/2013 08:45 AM Temporary Internet Files [E:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of E:\Users\Default\AppData\Local\Microsoft\Windows
08/22/2013 08:45 AM Temporary Internet Files [E:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of E:\Users\Default\Documents
08/22/2013 08:45 AM My Music [E:\Users\Default\Music]
08/22/2013 08:45 AM My Pictures [E:\Users\Default\Pictures]
08/22/2013 08:45 AM My Videos [E:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of E:\Users\Default.migrated\Documents
07/26/2012 01:22 AM My Music [E:\Users\Default\Music]
07/26/2012 01:22 AM My Pictures [E:\Users\Default\Pictures]
07/26/2012 01:22 AM My Videos [E:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of E:\Users\DefaultAppPool
05/05/2014 10:30 AM Application Data [E:\Users\DefaultAppPool\AppData\Roaming]
05/05/2014 10:30 AM Cookies [E:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCookies]
05/05/2014 10:30 AM Local Settings [E:\Users\DefaultAppPool\AppData\Local]
05/05/2014 10:30 AM My Documents [E:\Users\DefaultAppPool\Documents]
05/05/2014 10:30 AM NetHood [E:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
05/05/2014 10:30 AM PrintHood [E:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
05/05/2014 10:30 AM Recent [E:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Recent]
05/05/2014 10:30 AM SendTo [E:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo]
05/05/2014 10:30 AM Start Menu [E:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu]
05/05/2014 10:30 AM Templates [E:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of E:\Users\DefaultAppPool\AppData\Local
05/05/2014 10:30 AM Application Data [E:\Users\DefaultAppPool\AppData\Local]
05/05/2014 10:30 AM History [E:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\History]
05/05/2014 10:30 AM Temporary Internet Files [E:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of E:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows
05/05/2014 10:30 AM Temporary Internet Files [E:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of E:\Users\DefaultAppPool\Documents
05/05/2014 10:30 AM My Music [E:\Users\DefaultAppPool\Music]
05/05/2014 10:30 AM My Pictures [E:\Users\DefaultAppPool\Pictures]
05/05/2014 10:30 AM My Videos [E:\Users\DefaultAppPool\Videos]
0 File(s) 0 bytes
Directory of E:\Users\Public\Documents
08/22/2013 08:45 AM My Music [E:\Users\Public\Music]
08/22/2013 08:45 AM My Pictures [E:\Users\Public\Pictures]
08/22/2013 08:45 AM My Videos [E:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of E:\Users\TC
05/05/2014 10:30 AM Application Data [E:\Users\TC\AppData\Roaming]
05/05/2014 10:30 AM Cookies [E:\Users\TC\AppData\Local\Microsoft\Windows\INetCookies]
05/05/2014 10:30 AM Local Settings [E:\Users\TC\AppData\Local]
05/05/2014 10:30 AM My Documents [E:\Users\TC\Documents]
05/05/2014 10:30 AM NetHood [E:\Users\TC\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
05/05/2014 10:30 AM PrintHood [E:\Users\TC\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
05/05/2014 10:30 AM Recent [E:\Users\TC\AppData\Roaming\Microsoft\Windows\Recent]
05/05/2014 10:30 AM SendTo [E:\Users\TC\AppData\Roaming\Microsoft\Windows\SendTo]
05/05/2014 10:30 AM Start Menu [E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu]
05/05/2014 10:30 AM Templates [E:\Users\TC\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of E:\Users\TC\AppData\Local
05/05/2014 10:30 AM Application Data [E:\Users\TC\AppData\Local]
05/05/2014 10:30 AM History [E:\Users\TC\AppData\Local\Microsoft\Windows\History]
05/05/2014 10:30 AM Temporary Internet Files [E:\Users\TC\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of E:\Users\TC\AppData\Local\Microsoft\Windows
05/05/2014 10:30 AM Temporary Internet Files [E:\Users\TC\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of E:\Users\TC\AppData\Local\Microsoft\Windows\INetCache
05/05/2014 10:40 AM Content.IE5 [E:\Users\TC\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of E:\Users\TC\AppData\Local\Microsoft\Windows\INetCache\Low
05/12/2014 02:29 AM Content.IE5 [E:\Users\TC\AppData\Local\Microsoft\Windows\INetCache\Low\IE\]
0 File(s) 0 bytes
Directory of E:\Users\TC\Documents
05/05/2014 10:30 AM My Music [E:\Users\TC\Music]
05/05/2014 10:30 AM My Pictures [E:\Users\TC\Pictures]
05/05/2014 10:30 AM My Videos [E:\Users\TC\Videos]
0 File(s) 0 bytes
Directory of E:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
05/06/2014 01:34 AM Content.IE5 [E:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of E:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
05/06/2014 01:34 AM Content.IE5 [E:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
76 Dir(s) 57,500,610,560 bytes free

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2014/02/02 10:53:22 | 000,000,221 | -HS- | M] () -- E:\Users\TC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2014/03/18 04:17:23 | 000,000,148 | -HS- | M] () -- E:\Users\TC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2014/05/20 10:39:11 | 001,326,389 | ---- | M] () -- E:\Users\TC\Desktop\adwcleaner_3.210.exe
[2014/05/19 13:51:04 | 005,200,426 | ---- | M] (Swearware) -- E:\Users\TC\Desktop\ComboFix.exe
[2014/05/20 10:53:02 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- E:\Users\TC\Desktop\HiJackThis (1).exe
[2014/05/19 10:08:13 | 001,016,261 | ---- | M] (Thisisu) -- E:\Users\TC\Desktop\JRT.exe
[2014/05/19 14:28:50 | 000,982,016 | ---- | M] (Farbar) -- E:\Users\TC\Desktop\MiniToolBox.exe
[2014/05/19 13:49:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\TC\Desktop\OTL.exe
[2014/05/19 10:01:07 | 001,933,048 | ---- | M] (Bleeping Computer, LLC) -- E:\Users\TC\Desktop\rkill.exe
[2014/05/15 12:24:11 | 003,972,608 | ---- | M] () -- E:\Users\TC\Desktop\RogueKiller (1).exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> E:\Users\TC\OneDrive:ms-properties

< End of report >


Thank you for your assistance in advance,
T.C. Miller

    Advertisements

Register to Remove


#2 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 21 May 2014 - 12:03 AM

Hello tcmiller, welcome to WhatTheTech's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.  :)
 
======================================================
 
Important: I have laid out some "ground rules" I would very much appreciate you follow. Please read through the points below, to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
  • Ensure you are subscribed to this topic to receive instant email notifications of my responses.
    • ​Scroll to the top of this page and ensure you see the following: 6hgDYJ6.png
    • If you are not set to follow this topic, click the Follow this topic button and follow the prompts.
  • Please attempt to backup important documents before proceeding with my instructions.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
  • Topics are locked if no response is made after 5 days. Please inform me if you will require additional time to complete my instructions.

======================================================

 

Please be advised that I am currently in training. My responses will need to be approved by one of our experts before I post them. This is only to ensure you are receiving accurate instructions. I will return as soon as possible. 
 

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#3 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 21 May 2014 - 11:28 AM

Hello tcmiller, 
 
I see you have Privoxy software installed on your computer. This article shows the default proxy for the programme is 127.0.0.1:8118. What makes you suspect the proxy is behind the in-text ads you are seeing in your browser? 
 
Port 8118 can be used to circumvent firewall policies. It is possible malware is behind the proxy rather than Privoxy. We will investigate this further once I ascertain the state of your computer. 
 
From your log I can see you have already run a wide variety of tools, including ComboFix, which should not be run without supervision from someone trained in usage of the programme. Please locate the following logs, copy and paste the contents in your next post.

  • ComboFix.txt (E:\Users\TC\Desktop)
  • RKill.txt (E:\Users\TC\Desktop)
  • Recent MBAM log (Open Malwarebytes and navigate to the logs tab)
  • HitmanPro log (C:\ProgramData\HitmanPro\Logs)
  • RKreport.txt (E:\Users\TC\Desktop)
  • TDSSKiller.3.0.0.34_19.05.2014_13.33.38_log.txt (E:\)

Please use multiple posts if you are unable to fit the logs in one post. If you have deleted any of the logs, please let me know. 

 

doesn't allow me access to some of my vendors sites

Which sites are you blocked from visiting?


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#4 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 24 May 2014 - 05:57 PM

Hello, 

I have not heard back from you in 3 days.

  • Do you still require help?
  • If you require additional time to complete my instructions, please let me know.
  • If you have not replied to this thread in 48 hours it will have to be closed.

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#5 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 27 May 2014 - 11:08 AM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015


#6 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 27 May 2014 - 11:08 AM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users